
CompTIA Cybersecurity Analyst (CSA+) CS0-001

This series provides an overview of the knowledge and skills required to prevent, detect, and mitigate information/cyber security threats and vulnerabilities. This series can be used to prepare for the CompTIA Cybersecurity Analyst (CSA+) examination (Exam CS0-001) first released in February 2017.


In this series, you’ll learn how to configure and use threat detection tools, perform data analysis, and interpret the results to identify vulnerabilities, threats and risks to an organization. These courses will also help you prepare for the CompTIA Cybersecurity Analyst (CSA+) CS0-001 certification exam.

1

Enterprise Security: Policies, Practices, and Procedures

Description

Most companies are "reactive" instead of "proactive" when it comes to securing their networks, resources, and data. In this course, Enterprise Security: Policies, Practices, and Procedures, you will learn how to get ahead of the bad guys by looking at your infrastructure in a different manner. First, you will get a better understanding of the landscape and how fast it is changing. Next, you will delve into industry standards, frameworks, policies, and how these can affect your environment. Finally, you will learn about what tools to use and the need for penetration testing. By the end of this course, you will know how to keep up with the changes and continue to maintain a high level of security in your environment.

Table of contents

Course Overview

2m 16s

Security Data Analytics: What's Going On?

35m 26s

Defense in Depth: This Is Where It Begins

20m 46s

Defense in Depth: What Tools Can You Use?

33m 50s

Defense in Depth: Drill, Test, Rinse, Repeat

28m 42s

The Fundamentals of Frameworks, Policies, Controls, & Procedures

37m 1s

2

The Issues of Identity and Access Management (IAM)

Description

IT networks face increasing threats from both inside and outside your organization. Traditional perimeter defenses can miss insider threats, such as password leaks and fraud due to staff complacency, as well as external online threats such as zero-day attacks. To limit the presence of these threats, many IT departments are using identity and access management (IAM) solutions. In this course, The Issues of Identity and Access Management (IAM), you'll learn to look at IAM from the perspective of the issues that it can create for your organization. First, you'll dive into OAuth/OpenID and where the weaknesses are. Next, you'll explore SSO and federations. Finally, you'll learn how to set up a hacking environment using the AutoLab. When you're finished with this course, you'll be able to look at your IAM solution and see if you're protecting yourself, as well as your users.

Table of contents

Course Overview

2m 30s

It's All About Control

23m 58s

Managing Your Secret Identity

15m 19s

Other Authentication Methods

26m 47s

Identity Repositories

24m 42s

Building the Lab

42m 53s

Let's Look at the Exploits

39m 25s

3

Secure Software Development

Description

Most companies have a well-oiled machine with the sole purpose of creating, releasing, and maintaining functional software. Still, the growing concerns and risks related to insecure software have brought increased attention to the need to mix security into the development process. In this course, Secure Software Development, you will gain an understanding of the Software Development Life Cycle (SDLC) and the security implications that can arise, so that you can ensure the software your organization uses is well written and secure throughout its lifespan. First, you will learn about the different options when it comes to following an SDLC. Next, you will delve into the 5 phases that software runs through as it is being developed. Last, you will dive into how vulnerabilities creep into your environment in ways you may not have considered. By the end of this course, you will be able to apply a proper SDLC and ensure that additional attack vectors aren't created by mistake (or on purpose) to expose your resources and networks.

Table of contents

Course Overview

2m 52s

What’s the Software Development Life Cycle (SDLC)?

19m 1s

Software Development Phases

19m 27s

Software Development Models

19m 35s

Software Vulnerabilities

13m 52s

Coding Best Practices

49m 29s

Code Reviews

19m 27s

Security Testing in Action

51m 35s

4

Performing and Analyzing Network Reconnaissance

Description

You've been tasked as an "Incident Handler" and you are wondering where you start. Attackers typically start with doing a little "reconnaissance" of their target, so it only makes sense that you start there as well. In this course, Performing and Analyzing Network Reconnaissance, you will learn how to think like an attacker in order to stay a step ahead of one. First, you will learn about the two different steps of reconnaissance and scanning. Next, you will learn what to look for, how it's done, and what you can do to protect your infrastructures. Finally, you will learn about tools you can use that the attacker will use against you. By the end of this course, you'll know how to look at your infrastructure the same way attackers do, and understand the process to minimize those threats.

Table of contents

Course Overview

2m 15s

The Two Steps

35m 25s

Initially What Do You Look For?

44m 45s

The More You Look, the More You Find

40m 53s

Other Reconnaissance Techniques

38m 30s

Reconnaissance via Google Hacking

40m 35s

Let's Not Forget PowerShell

55m 16s

Overview of Scanning

22m 48s

Understanding the 3-way Handshake

21m 8s

Checking for 'Live' Systems and Their Open Ports

32m 6s

Types of Scanning

44m 19s

Banner Grabbing and OS Fingerprinting

30m 5s

More Tools for the Utility-belt

18m 9s

Threats from Wireless

18m 23s

5

Implementing and Performing Vulnerability Management

Description

Networks aren't what they used to be; they're more complex than ever. Systems today are so interconnected, and buried within those systems are thousands of undetected security vulnerabilities waiting to be used against you. Vulnerability management systems are designed to recognize, rank, and remediate these vulnerabilities before an attacker gets hold of them and exploits them to destabilize the privacy, integrity, or availability of your digital assets. In this course, Implementing and Performing Vulnerability Management, you'll learn about everything around vulnerability management. First, you'll learn about implementing a supportive vulnerability management (VM) program. Next, you'll explore scanning. Finally, you'll dive into remediation steps that will help make sure attackers can't take advantage of you. By the end of this course, you’ll have enough knowledge not only to pick the VMP that’s right for you, but also to use such applications to better the security of your network. Plus, you'll have all the information about VMPs to help you with your CSA+ exam.

Table of contents

Course Overview

2m 38s

What Do You Need to Start?

56m 8s

Shaping and Implementing Your Vulnerability Scans

25m 49s

The Scanners

41m 14s

Analyzing Vulnerability Scans

21m 49s

Remediation and Change Control

13m 47s

Remediating Host Vulnerabilities

9m 55s

Remediating Network Vulnerabilities

14m 53s

Remediating Virtual Environments Vulnerabilities

13m 34s

6

Performing Incident Response and Handling

Description

It’s not a matter of “if”, but rather “when” an attack is going to happen. No matter what you know or do, the hard truth is there's no guaranteed way to stop an attacker from penetrating your organization. Once you’ve accepted that an attack will be unavoidable, your job now becomes "How do I respond to these situations?". This is where the role of an "Incident Responder" comes into play. What do you do when a system or device has been targeted? Well, that depends on the incident itself. In this course, Performing Incident Response and Handling, you'll start by making sure that you and your organization are prepared by learning about each of the security policies that you should have in place to clarify and focus everyone on the importance of keeping your resources secure. First, you'll learn about the actual process of detecting incidents and how to respond to them. Next, you'll explore the actual workflow steps that every security professional should follow to make sure you are consistent with all incidents that are currently affecting you as well as future ones. Finally, you'll dive into some of the more common incidents that take place in your networks by looking at how to handle and respond to issues like a DoS, a Session Hijack, or even Malicious Code. By the end of this course, you'll understand what is needed to help keep your network more secure by being more proactive and aware of what's happening in your environment.

Table of contents

Course Overview

3m 30s

Preparing for Incident Response and Handling

49m 6s

Incident Response Processes

43m 20s

The Workflow of Incident Response

40m 52s

Networks and Host Attacks

59m 11s

Service and Application Attacks

1h 10m 17s

Malicious Code and Insider Threats

53m

What you will learn

How to apply environmental reconnaissance techniques using the appropriate tools and processes

How to analyze the results of network reconnaissance

Given a network-based threat, how to implement or recommend the appropriate response and countermeasure

How to explain the purpose of practices used to secure a corporate environment

How to implement an information security vulnerability management process

How to analyze the output resulting from a vulnerability scan

How to compare and contrast common vulnerabilities found within an organization

How to analyze threat data or behavior to determine the impact of an incident

How to prepare a toolkit and use appropriate forensics tools during an investigation

How to explain the importance of communication during the incident response process

How to analyze common symptoms to select the best course of action to support incident response

How to summarize the incident recovery and post-incident response process

How to explain the relationship between frameworks, common policies, controls, and procedures

How to use data to recommend remediation of security issues related to identity and access management

How to review security architecture and make recommendations to implement compensating controls

How to use application security best practices while participating in the software development life cycle

How to compare and contrast the general purpose and reasons for using various security tools and technologies

Pre-requisites

CompTIA recommends CSA+ candidates have a minimum of 3-4 years of hands-on information/cyber security or related experience. This path does not require any prior knowledge or experience.
